Insecure AES Usage: Default ECB Mode and Deterministic Key Generation #5
Description
这个问题是否已经存在?
- 我已经搜索过现有的问题 (https://gitee.com/risesoft-y9/y9-dataflow/issues)
如何复现
We are security researchers at Digit Institute in Germany. While reviewing [y9-module-dataflow/risenet-y9boot-support-risedata-jpa-repository/src/main/java/net/risesoft/converter/util/Y9Encrytor.java], we identified two cryptographic issues:
Use of Cipher.getInstance("AES") at line 37
Without explicitly specifying the mode and padding, "AES/ECB/PKCS5Padding" is used by default.
ECB mode is insecure as it leaks patterns in the plaintext and should not be used.
Key Generation with Fixed Seed (lines 24, 32)
The encryption key is generated by seeding SecureRandom with a constant value (KEY.getBytes()).
This makes key generation deterministic—if the seed is known, the key is easily reproducible by an attacker.
This amounts to a hardcoded key, which is a severe security risk.
Recommendations:
Always specify a secure mode and padding, such as "AES/CBC/PKCS5Padding" or, preferably, "AES/GCM/NoPadding" for authenticated encryption.
Never seed random number generators with constants for key generation. Instead, use a truly random and secret key generated securely and managed with best practices.
Addressing these will significantly improve the security of your encryption implementation.
预期结果
实际结果
截图或视频
[在这里上传图片]